Endpoint Protection

 View Only

  • 1.  SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 02:33 AM

    According to page 28 (right-hand column under "Description") of "SymantecTM AntiVirus for Linux 1.0.14 Implementation Guide", it says:

    By default, the maximum number of items that can be added to a manual scan that is generated from the command line interface is 100. You can use symcfg to change the DWORD value \Symantec Endpoint Protection\AV\MaxInput to increase this limit. To remove the limit entirely, you must set it to 0.

    I wish to remove the limit entirely, that is, I need to set it to 0.

    Could someone be kind enough to give me the specific commands that I must issue at the terminal window? I am using Ubuntu 12.10, 64 bit, English, kernel version 3.5.0.21.

    Thanks in advance.



  • 2.  RE: SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 07:07 AM

    xsymcfg

    The unsupported xsymcfg tool is located in /opt/Symantec/symantec_antivirus/unsupported directory.  Just in case this article has not been clear, this tool is handy but it is unsupported.  Use it at your own risk, because Technical Support will not be able to help reverse any damage done if xsymcfg is used incorrectly.  The only option will be to uninstall SAVFL and re-install it using the default settings. 

    Here is what xsymcfg looks like:

     

    In brief, it operates just like the Registry on a windows computer.  Using this graphical tool to change key values will alter the way that SAVFL behaves.

    For example, from the Symantec AntiVirus for Linux Implementation Guide:

    By default, the maximum number of items that can be added to a manual scan that is generated from the command line interface is 100. You can use symcfg to change the DWORD value VirusProtect6\MaxInput to increase this limit. To remove the limit entirely, you must set it to 0.

    To change that value, just open up HKEY_CURRENT_USER, Symantec Endpoint Protection, AV in xsymcfg.  Right-click on MaxInput and chose to Modify.  Change the value to 0 and click OK.

     



  • 3.  RE: SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 07:15 AM

    Thanks, Mick2009, for your help.

    On behalf of all users who might have to modify the DWORD value in symcfg, may I suggest that you create a TECH article out of what you wrote here.

    Meanwhile I will test your suggestion and report back. If it works, I shall mark your reply as THE solution.



  • 4.  RE: SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 07:31 AM

    To: Mick2009

    This is my feedback to your suggestion on how to modify the DWORD value.

    Yes, I confirm that it worked.

    Bravo!

    I would like to take this opportunity to wish you and your loved ones a happy, blessed and prosperous New Year 2013!



  • 5.  RE: SAV for Linux: How do I set the DWORD value to zero?
    Best Answer

    Posted Dec 28, 2012 07:38 AM

    Glad to help! &: )

    Keep an eye out for full details of the three ways to configure SAVFL in my forthcoming "SAV for Linux: A (Somewhat) Illustrated Guide Part 2" -this new article should be live on https://www-secure.symantec.com/connect/articles/sav-linux-somewhat-illustrated-guide-part-2 within teh next couple of days.

     



  • 6.  RE: SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 07:54 AM

    Kudos to Mick2009.



  • 7.  RE: SAV for Linux: How do I set the DWORD value to zero?

    Posted Dec 28, 2012 07:56 AM

    To: Mick2009

    In your article, you can also specify that your solution works on Ubuntu 12.10, kernel version 3.5.0.21. (That's my installed OS).